Zero-day attacks: How to fight back

With cybercrime hitting more than 500 million victims globally and costing $100 billion annually, it's clear that security breaches are a problem very far from being solved. One particularly dangerous threat that doesn't seem to be getting its fair share of attention is zero-day attacks.

With cybercrime hitting more than 500 million victims globally and costing $100 billion annually, it's clear that security breaches are a problem very far from being solved. One particularly dangerous threat that doesn't seem to be getting its fair share of attention is zero-day attacks.

True, zero-days are just one part of the overall threat landscape. However, virtually everyone is at risk from a zero-day attack. And the threat from zero-day vulnerabilities occurs long before vendor or public discovery, and remains active long after patches are released.

Kasper Lindgaard, head of research at Secunia, explains that "a zero-day vulnerability is a vulnerability that has only been discovered by hackers. The vendor does not yet know of the vulnerability and therefore has not developed a patch for it. In contrast, a general vulnerability is disclosed by the vendor who typically has a patch ready.''